Bomb
Ingredients, do-it-yourself poisons and illegal
drugs - even your bank details are stored on
computers. Could the world be at the mercy of a new
breed of Cybercriminal?

In the early hours of a February morning in 1995,
agents from the Federal Bureau of Investigation
(FBI) surrounded the Player’s Club, a group of
luxury apartment buildings in Raleigh, North
Carolina. When Kevin Mitnick, one of America’s most
notorious hackers, emerged from his flat the
authorities swung into action and arrested him. It
was the climax of a nationwide hunt by a team of
FBI agents, computer scientists and amateur
sleuths, headed by computer security expert Tsutomu
Shimomura.

Shimomura’s obsession with catching Mitnick began
when the hacker broke into his home computer system
in December 1994. Mitnick stole $1 million worth
of software from Shimomura’s machine and left him
taunting voicemail messages. After that, the two
became embroiled in a battle of wits that finally
ended with Mitnick’s arrest.

National Security

Kevin Mitnick first came to public attention as a
teenager in 1982, when as a ‘prank’ he used a
computer to access the US Air Defence Command. By
the time he was arrested, he was found to be in
possession of over 20,000 credit card details and
numerous secret passwords to sensitive computer
databases around the world.
Mitnick had also acquired the ability to control
the three central offices of telephone companies in
New York City, and all the telephone switching
centre’s in California. If he wanted to, Mitnick
could have accessed the nation’s major stock
exchange computers or military control centre’s and
held the world to financial ransom. At the time of
his court case, he could have theoretically been
sentenced to 100 years in prison.

Mitnick is just one of an infamous band of anarchic
computer scientists who have hit the headlines in
the past decade. Another is Mark Abene, also known
online by his hacker ‘handle’ Phiber Optik, who was
imprisoned on 7 January 1994 for targeting
telephone companies’ central computers. He was
jailed for a year and a day but was released on 7
November 1994.

Although Abene’s crimes did not carry the same
sinister threat as Mitnick’s, both shared a
fascination with telephone systems. Like Mitnick,
Abene had devised ways of obtaining free
international calls by hacking into
telecommunication control centre’s. This area of
computer hacking is known as ‘phreaking,’ and, for
obvious reasons, it is not appreciated by the likes
of British Telecom and AT&T. Another, slightly
childish, Abene trick involved ‘wiring’ home phones
in the UK to pay phones in the US so that a
computerized voice demanded ten cents every time
the receiver was picked up.

While this may have been a relatively harmless
prank, phreakers have the ability to ‘steal’ mobile
phone numbers and charge their calls to the
original owner's bills. They can also re-route their
domestic phone costs so that the amount shows up
on, for example, a neighbour's home telephone bill.
These crimes are not treated lightly - since 1990,
the cost of phreaking has cost UK telephone
companies an estimated £400 million.

Hacker Clamp-Down

Abene was particularly vocal about his exploits,
even broadcasting his techniques on a weekly New
York radio show. This was one of the factors that
brought him to the attention of the telephone
companies and caused his downfall. In court, a
former CIA agent, realising that Abene’s talents
were too good to waste in prison, offered to
supervise him in a job in Washington. The judge
rejected this offer and gave Abene the maximum
sentence possible. Many people believe that the
phone companies had pressured the judge to make an
example of Abene to deter other would-be hackers
and phreakers.

But Mitnick and Abene are just the tip of the
iceberg. With most of the world's largest companies
depending on computers to run their businesses, the
scope for computer crime is mind-boggling and as we
have now entered the 21st century, will the large
telecommunication giants be the only victims of
cyber crime?

Theft In Cyberspace

The Internet - a network of computers that can be
accessed by anyone, anywhere in the world, with the
aid of a modem-capable computer and a telephone
line connection - offers new opportunities and
challenges for hackers like Mitnick and Abene. Home
shopping and banking services are already available
over the internet, giving determined computer
fraudsters the chance to hijack bank account and
credit card details as they travel across the
information superhighway.

According to a survey conducted by Management
Consultancy PA, UK businesses lost around £40
million a day in 1995 through computer fraud.
Examples of this include the headline-hitting case
of hackers interfering with the magnetic strips on
supermarket loyalty cards to give themselves extra
bonus points, which can be used in exchange for
goods, services or airline tickets.

One particularly worrying trend is the growing
involvement of organized and well-equipped
criminals in computer fraud. Organisations as
diverse as the Mafia and the IRA need money to
support their criminal activities, and computer
fraud is a relatively low-risk way of raising large
sums of money. They can do this by coercing a
company employee into interfering with the computer
system and diverting money to a false bank account,
or by ‘planting’ one of their members in the
company to do it for them. The people perpetrating
these crimes rarely get caught because it is
extremely difficult to track down, let alone
prosecute, the person committing the crime.

However, this is not always the case. One of the
most audacious examples of cyber
crime came to
public attention in October 1996 with the arrest of
seven computer criminals. Using relatively
unsophisticated computer equipment - and a few
corrupt British Telecom employees - the so-called
‘Hole in the wall gang’ planned to hack into the
telephone lines running between cash dispensers and
central banking computers.

Hundreds of thousands of customer PIN numbers could
be obtained in this way. The PIN numbers could then
be decrypted, and loaded on to a new bank card.
Using a network of international thieves, money
could be obtained from machines across the globe.
Police claimed that the heist could have crippled
the UK’s financial institutions, had it succeeded.

Data Free-For-All

At the moment, computer fraud seems to be a problem
that only affects the profits of big businesses.
But as more and more people connect to the
Internet, cyber crime could end up being a problem
that affects everyone.

The Internet provides a forum for anyone to publish
any information they want, irrespective of the
legality. Hundreds of thousands of documents exist
on the Internet, which could prove lethal if they
got into the wrong hands. Instructions for creating
crude and sophisticated explosives - even atomic
bombs - can be found, as well as ordering details
for firearms and other dangerous weapons. Methods
for committing suicide exist, as well as
instructions on how to perpetrate and literally
get away with murder. You can even find advice on
how to change your identity and fake your own
death.

The abundance of illegal information on the
internet provides the ideal breeding ground for
would-be criminals. Of course, one could argue that
there is really no such thing as ‘Illegal
Information’ - how can knowledge be illegal?
Indeed, the very question raises an interesting
moral point. The answer is that it is not. Knowing
how to carry out an illegal act is not in itself
illegal, unless a person crosses the line between
knowing how to do something and actually doing it.

Another example of communication ‘free-for-all’ is
the proliferation of child pornography on the
Internet. Yet policing the Internet to stop on-line
child pornography is a mammoth - some would say
impossible - task. One of the main problems is that
different laws apply in different countries, and
the Internet does not fall under the jurisdiction
of any one place. If one country decides to crack
down on child pornography, paedophiles can simply
transfer their material to another country where
the laws are more lenient. Material can then be
uploaded on to the Internet and accessed by anyone,
anywhere in the world. Unsuspecting users can
sometimes stumble upon this kind of material
accidentally.

In the case of on-line paedophilia, some progress
is being made by the use of anonymous ‘tip-offs.’
Anyone who finds paedophile material on the
Internet can contact special groups who pass the
information on to the relevant authorities, and so
far this is proving fairly successful. However,
there are many ways of disguising unsavoury
material if a person is determined and skilled
enough.

Renegade hackers like Kevin Mitnick are always
prepared to challenge the so-called experts and
break their ‘unbreakable’ systems. But, given that
so much dangerous material exists on the Internet,
are hackers like Mitnick the real cyber criminals?
If their high profile computer skills keep the
experts on their toes and drives this area of
computer technology forward, perhaps the increase
in security knowledge can be used to banish the
sinister, anonymous information from the Net -
Before it gets out of control.